<?php
/**
 * 登录
 **/
include("../includes/common.php");
$qq  = $DB -> get_row("select * from auth_config where `k`='auth_adminqq'");
if (isset($_POST['user']) && isset($_POST['pass'])) {
    if (!$_SESSION['pass_error']) $_SESSION['pass_error'] = 0;
    $user = daddslashes($_POST['user']);
    $pass = daddslashes($_POST['pass']);
    $row = $DB->get_row("SELECT * FROM auth_user WHERE user='$user' limit 1");
    if ($_SESSION['pass_error'] > 5) {
        @header('Content-Type: text/html; charset=UTF-8');
        exit("<script language='javascript'>alert('用户名或密码不正确！');history.go(-1);</script>");
    } elseif ($row['user'] == '') {
        @header('Content-Type: text/html; charset=UTF-8');
        exit("<script language='javascript'>alert('用户名或密码不正确！');history.go(-1);</script>");
    } elseif ($pass != $row['pass']) {
        $_SESSION['pass_error']++;
        @header('Content-Type: text/html; charset=UTF-8');
        exit("<script language='javascript'>alert('用户名或密码不正确！');history.go(-1);</script>");
    } elseif ($row['active'] == 0) {
        @header('Content-Type: text/html; charset=UTF-8');
        exit("<script language='javascript'>alert('您的授权平台账号已被封禁！');history.go(-1);</script>");
    } elseif ($row['user'] == $user && $row['pass'] == $pass) {
        $citylist = explode(',', $row['citylist']);
        $city = get_ip_city($clientip);
        if ($row['citylist'] && !in_array($city, $citylist)) {
            $DB->query("update auth_user set active='0' where uid='{$row['uid']}'");
            $DB->query("insert into `auth_log` (`uid`,`type`,`date`,`city`,`data`) values ('" . $user . "','异常登陆','" . $date . "','" . $city . "','IP:" . $clientip . "')");
            @header('Content-Type: text/html; charset=UTF-8');
            exit("<script language='javascript'>alert('系统检测到您有异常登录，账号已封禁！');history.go(-1);</script>");
        }
        $session = md5($user . $pass . $password_hash);
        $token = authcode("{$user}\t{$session}", 'ENCODE', SYS_KEY);
        $city = get_ip_city($clientip);
        $DB->query("insert into `auth_log` (`uid`,`type`,`date`,`city`,`data`) values ('" . $user . "','登陆平台','" . $date . "','" . $city . "','IP:" . $clientip . "')");
        setcookie("auth_token", $token, time() + 604800000);
        @header('Content-Type: text/html; charset=UTF-8');
        exit("<script language='javascript'>alert('登陆后台管理成功！');window.location.href='./';</script>");
    }
} elseif (isset($_GET['logout'])) {
    setcookie("auth_token", "", time() - 604800000);
    @header('Content-Type: text/html; charset=UTF-8');
    exit("<script language='javascript'>alert('您已成功注销本次登陆！');window.location.href='./login.php';</script>");
} elseif ($islogin == 1) {
    @header('Content-Type: text/html; charset=UTF-8');
    exit("<script language='javascript'>alert('您已登陆！');window.location.href='./';</script>");
}
$title = '管理员后台登录';
include './head.php';
?>
<nav class="navbar navbar-fixed-top navbar-default" style="background:#000000; color:#FFFFFF">
    <div class="container">
        <div class="navbar-header">
            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar"
                    aria-expanded="false" aria-controls="navbar">
                <span class="sr-only">导航按钮</span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
            </button>
            <a style="background:#000000; color:#FFFFFF" class="navbar-brand" href="./">小程序微后台登录</a>
            <a style="background:#000000; color:#FFFFFF" class="navbar-brand" href="https://www.wobbt.cn">大鹏源码网</a>
            <a style="background:#000000; color:#FFFFFF" class="navbar-brand" href="https://www.wobbt.cn">芊芊源码网</a>
        </div><!-- /.navbar-header -->
        
        <div id="navbar" class="collapse navbar-collapse">
            <ul class="nav navbar-nav navbar-right">
                <li class="active">
                    <a href="./login.php" style="background:#000000"><span  class="glyphicon glyphicon-user" ></span><text style="color:#FFFFFF">登陆</text></a>
                </li>
            </ul>
        </div><!-- /.navbar-collapse -->
    </div><!-- /.container -->
</nav><!-- /.navbar -->
<div class="container" style="padding-top:70px;">
    <div class="col-xs-12 col-sm-10 col-lg-8 center-block" style="float: none;">
        <div class="panel panel-primary">
            <div class="block-options pull-right">
            <a href="../" style="background:#000000; color:#FFFFFF"  class="btn btn-effect-ripple btn-default toggle-bordered enable-tooltip">返回首页</a>
            </div>
            <div class="panel-heading" style="background:#000000; color:#FFFFFF"><h3 class="panel-title">管理员登陆</h3>
            
                <div class="widget">
    <div class="widget-content themed-background-flat text-center"  style="background-image: url(//cdn.qqzzz.net/assets/simple/img/userbg.jpg);background-size: 100% 100%;" >
    </div>
            
            
            </div>
            <div class="panel-body">
                <form action="./login.php" method="post" class="form-horizontal" role="form">
                    <div class="input-group">
                        <span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
                        <input type="text" name="user" value="<?php echo @$_POST['user']; ?>" class="form-control"
                               placeholder="用户名" required="required"/>
                    </div>
                    <br/>
                    <div class="input-group">
                        <span class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></span>
                        <input type="password" name="pass" class="form-control" placeholder="密码" required="required"/>
                    </div>
                    <br/>
                    <div class="form-group">
                        <div class="col-xs-12"><input style="background:#000000; color:#FFFFFF" type="submit" value="登陆" class="btn btn-primary form-control"/>
                        </div>
                    </div>
                </form>
            </div>
        </div>
    </div>
     </div>
</div>